Alex Casalboni Technical Evangelist, AWS @alex_casalboni @ 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved Advanced Serverless Architectural Patterns on AWS

© 2018 Amazon Web Services, Inc. or its Affiliates. All rights reserved. About me • Software Engineer & Web Developer • Startupper for 4.5 years • ServerlessDays Organizer • AWS Customer since 2013

© 2018 Amazon Web Services, Inc. or its Affiliates. All rights reserved. Agenda Serverless foundations (quickly, I promise!) Advanced serverless patterns: 1. Web application 2. Stream processing 3. Data lake 4. Machine learning

© 2018 Amazon Web Services, Inc. or its Affiliates. All rights reserved. Compute Spectrum AWS Lambda Amazon Kinesis Amazon S3 Amazon API Gateway Amazon SQS Amazon DynamoDB AWS IoT Amazon EMR Amazon ElastiCache Amazon RDS Amazon Redshift Amazon Elasticsearch Managed Serverless Amazon EC2 Microsoft SQL Server “On Amazon EC2” Amazon Cognito Amazon CloudWatch Amazon Athena AWS X-Ray AWS Step Functions Amazon MQ Amazon SageMaker Amazon Neptune AWS Fargate Amazon DocumentDB

© 2018 Amazon Web Services, Inc. or its Affiliates. All rights reserved. Serverless means… No server or container management Flexible scaling No idle capacity $ High availability

© 2018 Amazon Web Services, Inc. or its Affiliates. All rights reserved. Bootstrap the runtime Start your code Lambda: The execution lifecycle Cold start Warm start Download your code Start new container Time

© 2018 Amazon Web Services, Inc. or its Affiliates. All rights reserved. Tune your function’s resources Only a memory control - % of CPU core and network capacity allocated to a function proportionally Is your code CPU, network or memory-bound? If so, it could be cheaper to choose more memory > Memory, > Cores, > Network

© 2018 Amazon Web Services, Inc. or its Affiliates. All rights reserved. “AWS Lambda Power Tuning” Data-driven cost & performance optimization for AWS Lambda github.com/alexcasalboni/aws-lambda-power-tuning Lambda Power Tuning

© 2018 Amazon Web Services, Inc. or its Affiliates. All rights reserved. Lambda best practices Minimize your package size & use only needed SDK modules Put your dependency (e.g. .jar files) in a separate directory Improve dependency injection with smaller and simpler IoC frameworks that load quickly on startup, like Dagger2 Leverage smaller and faster frameworks like jackson-jr for Java data binding Use environment variables to modify operational behavior Secure secrets/tokens/passwords with Parameter Store and AWS Secrets Manager

© 2018 Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS Serverless Application Model (SAM) AWS CloudFormation extension (Macro) to simplify serverless apps New serverless resource types: functions, APIs, and tables Local testing with SAM CLI github.com/awslabs/serverless-application-model

© 2018 Amazon Web Services, Inc. or its Affiliates. All rights reserved. Source Build Test Deploy AWS CodeCommit AWS CodeBuild Third Party Tooling AWS CodeDeploy AWS CodePipeline AWS CodeStar AWS code services

© 2018 Amazon Web Services, Inc. or its Affiliates. All rights reserved. Lambda alias traffic shifting & AWS SAM AutoPublishAlias By adding this property AWS SAM will do the following: • Detect when new code is being deployed based on changes to the Amazon S3 URI of the Lambda function • Create and publish an updated version of that function with the latest code • Create an alias with a name you provide and point to the updated version of the Lambda function Deployment preference type Canary10Percent30Minutes Canary10Percent5Minutes Canary10Percent10Minutes Canary10Percent15Minutes Linear10PercentEvery10Minutes Linear10PercentEvery1Minute Linear10PercentEvery2Minutes Linear10PercentEvery3Minutes AllAtOnce

@ 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved Pattern 1 Web app / microservice / API

© 2018 Amazon Web Services, Inc. or its Affiliates. All rights reserved. Web application (1) DynamoDB Lambda API Gateway Browser CloudFront Amazon S3 Cognito

© 2018 Amazon Web Services, Inc. or its Affiliates. All rights reserved. Choose the right API endpoint type Edge optimized: reduce latency from anywhere on the Internet AWS Region API Gateway Internet edge location edge location edge location CloudFront Distribution API Gateway Managed

© 2018 Amazon Web Services, Inc. or its Affiliates. All rights reserved. Web application (2) DynamoDB Lambda API Gateway Browser CloudFront S3 Cognito Lambda@Edge

© 2018 Amazon Web Services, Inc. or its Affiliates. All rights reserved. Lambda@Edge use cases & blueprints Content customization • Based on user attributes, device properties Visitor session validation • User-agent validation—add an Access- Control-Allow-Header • Validate access token to confirm authentication URL customization • Re-write URLs, pretty URLs A/B testing and cookie-based sticky sessions • “Flip a coin” to select a version of content displayed to each user Security • Security header insertions (HSTS, X-Content- Type-Options, and more) • Bot handling

© 2018 Amazon Web Services, Inc. or its Affiliates. All rights reserved. Choose the right API endpoint type Regional AWS us-east-2 API Gateway Internet AWS us-west-2 API Gateway Route 53 Lambda DynamoDB Lambda DynamoDB Global Tables

© 2018 Amazon Web Services, Inc. or its Affiliates. All rights reserved. Regional AWS us-east-2 API Gateway Internet AWS us-west-2 API Gateway Amazon CloudFront Amazon CloudFront Lambda DynamoDB Lambda DynamoDB Global Tables Choose the right API endpoint type Route 53

© 2018 Amazon Web Services, Inc. or its Affiliates. All rights reserved. Regional API Gateway Internet API Gateway Route 53 Lambda DynamoDB Lambda DynamoDB Global Tables Lambda@Edge CloudFront Choose the right API endpoint type AWS us-east-2 AWS us-west-2

© 2018 Amazon Web Services, Inc. or its Affiliates. All rights reserved. Private: expose APIs only inside your VPC AWS Region API Gateway Your VPC AWS Direct Connect On-premises Choose the right API endpoint type

© 2018 Amazon Web Services, Inc. or its Affiliates. All rights reserved. DynamoDB Lambda API Gateway Browser CloudFront Amazon S3 Cognito Serverless web app security

© 2018 Amazon Web Services, Inc. or its Affiliates. All rights reserved. DynamoDB Lambda API Gateway Browser CloudFront S3 Cognito Serverless web app security Static Content • Geo-Restrictions • Signed Cookies • Signed URLs • DDOS Protection • Bucket Policies • ACLs AuthZ • Cross Account • Throttling per method • Resource Policies • Usage Plans • Encryption at Rest • VPC Endpoint • Function policies • Env Variables • Parameters/Secrets

© 2018 Amazon Web Services, Inc. or its Affiliates. All rights reserved. Lambda Authorizer Client Lambda API Gateway DynamoDB IAM Lambda authorizers Two types: TOKEN―authorization token passed in a header REQUEST―all headers, query strings, paths, stage variables, or context variables

© 2018 Amazon Web Services, Inc. or its Affiliates. All rights reserved. GraphQL: A query language for APIs Resources defined by a GraphQL schema Client sends query, server orchestrates data Multiple transports such as HTTP, MQTT, WebSockets Efficient for network bandwidth & dev time Self-documenting - introspection tooling

© 2018 Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS AppSync DynamoDB Lambda Elasticsearch GraphQL Schema Upload Schema Query Mutation Subscription Real-time Online/Offline AWS AppSync Cognito User Pool Legacy Application Amazon RDS HTTP Resolver

@ 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved Pattern 2 Data processing (stream)

© 2018 Amazon Web Services, Inc. or its Affiliates. All rights reserved. Streaming with Amazon Kinesis Collect, process, and analyze video and data streams in real time Kinesis Data Firehose SQL Kinesis Data Analytics Kinesis Data Streams Kinesis Video Streams

© 2018 Amazon Web Services, Inc. or its Affiliates. All rights reserved. Streaming data ingestion Amazon S3: Buffered files Kinesis Agent Record producers Amazon Redshift: Table loads Amazon Elasticsearch Service: Domain loads Amazon S3: Source record backup Transformed records Put Records Kinesis Firehose: Delivery stream AWS Lambda: Transformations & enrichment Amazon DynamoDB: Lookup tables Raw Lookup Transformed

© 2018 Amazon Web Services, Inc. or its Affiliates. All rights reserved. Streaming data ingestion (HTTP) HTTP POST/PUT API Gateway Browser Amazon S3: Buffered files Amazon Redshift: Table loads Amazon Elasticsearch Service: Domain loads Amazon S3: Source record backup AWS Lambda: Transformations & enrichment Amazon DynamoDB: Lookup tables Raw Lookup Transformed Transformed records Kinesis Firehose: Delivery stream

© 2018 Amazon Web Services, Inc. or its Affiliates. All rights reserved. Streaming data ingestion (at the edge) Amazon S3: Buffered files Amazon Redshift: Table loads Amazon Elasticsearch Service: Domain loads Amazon S3: Source record backup AWS Lambda: Transformations & enrichment Amazon DynamoDB: Lookup tables Raw Lookup Transformed Transformed records Kinesis Firehose: Delivery stream HTTP POST/PUT CloudFront Lambda@Edge Browser

© 2018 Amazon Web Services, Inc. or its Affiliates. All rights reserved. Kinesis Best practices Tune Firehose buffer size and buffer interval • Larger objects = fewer Lambda invocations & Amazon S3 PUTs Enable compression to reduce storage costs Enable Parquet format transformation (columnar) Enable Source Record Backup for transformations • Recover from transformation errors

© 2018 Amazon Web Services, Inc. or its Affiliates. All rights reserved. Kinesis Data Streams and Lambda # of shards corresponds to concurrent invocations of Lambda function Batch size sets maximum # of records per invocation (min 1, max 10K) Data Stream Processor Function Streaming source Other AWS services

© 2018 Amazon Web Services, Inc. or its Affiliates. All rights reserved. Fan-out pattern Trade strict message ordering for higher throughput & lower latency Kinesis Data Streams: Stream Lambda: Dispatcher function Lambda: Processor function Increase throughput, reduce processing latency Streaming source github.com/aws-samples/aws-lambda-fanout

© 2018 Amazon Web Services, Inc. or its Affiliates. All rights reserved. Real-time analytics Data Stream Kinesis Data Analytics: Time window aggregation Kinesis Data Firehose: Error stream S3: Error records Record producers Lambda: Alert function DynamoDB SNS: Notifications

© 2018 Amazon Web Services, Inc. or its Affiliates. All rights reserved. CREATE OR REPLACE PUMP "STREAM_PUMP" AS INSERT INTO "DESTINATION_SQL_STREAM" SELECT STREAM "device_id", STEP("SOURCE_SQL_STREAM_001".ROWTIME BY INTERVAL '10' MINUTE) as "window_ts", SUM("measurement") as "sample_sum", COUNT(*) AS "sample_count" FROM "SOURCE_SQL_STREAM_001" GROUP BY "device_id", STEP("SOURCE_SQL_STREAM_001".ROWTIME BY INTERVAL '10' MINUTE); Kinesis Data Analytics Aggregation 10-minute tumbling window Kinesis Data Analytics: Time window aggregation Source stream Destination stream(s)

@ 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved Pattern 3 Data Lakes

© 2018 Amazon Web Services, Inc. or its Affiliates. All rights reserved. Data lake characteristics Collect, store, process, consume, and analyze organizational data Structured, semi-structured, and unstructured data Decoupled compute and storage Fast automated ingestion Schema on-read Complementary to data warehouses

© 2018 Amazon Web Services, Inc. or its Affiliates. All rights reserved. Serverless data lake S3 Elasticsearch Glue DynamoDB Catalog & search Cognito API Gateway API/UI Athena QuickSight Redshift Spectrum Analytics & processing Lambda Kinesis Streams Kinesis Firehose Direct Connect Ingest AWS IoT KMS CloudTrail IAM Macie Security & auditing

© 2018 Amazon Web Services, Inc. or its Affiliates. All rights reserved. Glue Crawlers Glue Data Catalog QuickSight Redshift Spectrum Athena S3 Bucket(s) How to “serverlessly” query your data lake

© 2018 Amazon Web Services, Inc. or its Affiliates. All rights reserved. Analytics options S3 Select on CSV, JSON and Apache Parquet objects Amazon QuickSight (data exploration) Amazon Athena (SQL queries) AWS Lambda (BYOL) Amazon SageMaker (predictions) Amazon EMR (Hadoop) AWS Glue (ETL)

© 2018 Amazon Web Services, Inc. or its Affiliates. All rights reserved. Athena―Serverless interactive query service Query duration: 44.66 seconds Data scanned: 169.53GB Cost*: $0.85 * $5/TB or $0.005/GB SELECT gram, year, sum(count) FROM ngram WHERE gram = 'just say no' GROUP BY gram, year ORDER BY year ASC;

© 2018 Amazon Web Services, Inc. or its Affiliates. All rights reserved. Athena best practices Partition data s3://my-bucket/my-data/parquet/year=2018/month=11/day=25/ Use columnar formats – Apache Parquet, AVRO, ORC Compress files with splittable compression (bzip2) Optimize file sizes aws.amazon.com/blogs/big-data/top-10-performance-tuning-tips-for-amazon-athena

© 2018 Amazon Web Services, Inc. or its Affiliates. All rights reserved.

© 2018 Amazon Web Services, Inc. or its Affiliates. All rights reserved. Serverless batch processing (Map/Reduce) Lambda: Splitter S3 Object DynamoDB: Mapper Results Lambda: Mappers …. …. Lambda: Reducer S3 Results

© 2018 Amazon Web Services, Inc. or its Affiliates. All rights reserved. Pywren Python library developed by University of California, Berkeley 10 TFLOPS of peak compute power (default of 1000 concurrent functions) Over 80 GB/sec of read and 60 GB/sec of write performance using S3 http://pywren.io

@ 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved Pattern 4 Machine Learning

© 2018 Amazon Web Services, Inc. or its Affiliates. All rights reserved. M L F R A M E W O R K S & I N F R A S T R U C T U R E The Amazon ML Stack: Broadest & Deepest Set of Capabilities A I S E R V I C E S R E K O G N I T I O N I M A G E P O L L Y T R A N S C R I B E T R A N S L A T E C O M P R E H E N D C O M P R E H E N D M E D I C A L L E X R E K O G N I T I O N V I D E O Vision Speech Chatbots A M A Z O N S A G E M A K E R B U I L D T R A I N F O R E C A S T T E X T R A C T P E R S O N A L I Z E D E P L O Y Pre-built algorithms & notebooks Data labeling (G R O U N D T R U T H ) One-click model training & tuning Optimization ( N E O ) One-click deployment & hosting M L S E R V I C E S F r a m e w o r k s I n t e r f a c e s I n f r a s t r u c t u r e E C 2 P 3 & P 3 d n E C 2 C 5 F P G A s G R E E N G R A S S E L A S T I C I N F E R E N C E Models without training data (REINFORCEMENT LEARNING) Algorithms & models ( A W S M A R K E T P L A C E ) Language Forecasting Recommendations NEW NEW NEW NEW NEW NEW NEW NEW NEW

© 2018 Amazon Web Services, Inc. or its Affiliates. All rights reserved. 1. Upload 2. Submit image Image processing with Amazon Rekognition Image Step Functions 3. Store image Lambda DynamoDB Elasticsearch 8. Store metadata & analysis 4. DetectFaces 7. DetectText 5. DetectLabels 6. DetectModeration

© 2018 Amazon Web Services, Inc. or its Affiliates. All rights reserved. Media analysis solution S3: Web interface Cognito Amazon Rekognition Video: Detect objects, scenes, faces, & celebrities Elasticsearch: Search index API Gateway: REST APIs https://aws.amazon.com/answers/media-entertainment/media-analysis-solution/ AWS Elemental MediaConvert: Transcode videos S3: Media storage Step Functions: Orchestrate analysis Transcribe Comprehend

© 2018 Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Connect (Serverless contact center) Real time and historical analytics High-quality voice capability Call recording Skills-based routing [Automatic Call Distribution (ACD)]

© 2018 Amazon Web Services, Inc. or its Affiliates. All rights reserved. Intelligent call center chatbot Amazon Connect Customer Amazon Lex Lambda: Chatbot Processing DynamoDB: Customer Data SNS: SMS Messaging Customer calls Connect to reschedule an appointment Connect calls Lex chatbot Lex chatbot calls Lambda function to get customer preferences and fulfil Intents Lambda function sends text message confirmation via SNS Customer receives appointment confirmation text message Lambda function writes updates to DynamoDB

© 2018 Amazon Web Services, Inc. or its Affiliates. All rights reserved. Call center analytics Amazon Connect Customers Agents Call recordings S3: Call recordings S3: Call transcripts Step Functions Transcribe Lambda S3: Sentiment, key phrases, entities Step Functions S3 Notifications for call transcripts Comprehend Lambda Athena QuickSight Contact trace records (CTRs) Kinesis Data Streams Kinesis Data Firehose S3: CTRs

Alex Casalboni Technical Evangelist, AWS @alex_casalboni @ 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved Thank you!